Philippines health insurer hacked: What we know
/ Photo: JAM STA ROSA - AFP
-
Pope heads to tiny Catholic Monaco
-
Meet the four astronauts set to voyage around the Moon
-
Artemis 2 Moon mission: a primer
-
It's go time: historic Moon mission set for lift-off
-
Denmark's PM Mette Frederiksen, tenacious and tough on migration
-
OpenAI kills Sora video app in pivot toward business tools
-
Danish PM's left-wing bloc wins election, but no majority
-
Brazil court grants house arrest for jailed Bolsonaro
-
Sinner downs Michelsen to reach Miami Open quarter-finals
-
Advantage Arsenal in women's Champions League quarter-final against Chelsea
-
Garner dreams of World Cup glory in bid to replicate England under-21 success
-
New Mexico jury finds Meta liable for endangering children
-
Huge crowd in Buenos Aires marks 50 years since Argentina's coup
-
Oil, stock trading spiked before Trump's Iran remarks
-
Colombia military plane crash death toll rises to 69
-
Trump adds Columbus statue, walkway in latest White House makeover
-
Danish PM's left-wing bloc leads election, but no majority
-
Toronto unveils upgraded World Cup venue after fan scorn
-
Beerensteyn goal gives Wolfsburg edge over Lyon in women's Champions League
-
Gang crackdown carried out without 'abuses,' Guatemalan defense chief says
-
Afghanistan releases detained US citizen
-
Danish PM's left bloc leads election, but no majority
-
'Illustrious' Salah to leave Liverpool at the end of the season
-
Trump says Iran gave US 'gift' linked to Strait of Hormuz
-
US officials downplay controller 'distraction' in New York crash
-
Massive Russian drone attacks kill eight, hit Ukraine UNESCO site
-
Salah to leave Liverpool at the end of the season
-
Trump has destroyed Venezuela's socialist ideology: opposition leader
-
France urges Israel 'to refrain' from seizing south Lebanon zone
-
UN rights council to hold urgent debate on Iran's Gulf strikes
-
Russia rains drones on Ukraine, killing eight, hitting UNESCO site
-
Lukaku to miss Belgium World Cup warm-up trip to US
-
Data canary shows economy already suffering from Middle East war
-
ConocoPhillips chief seeks extra US protection of Mideast assets
-
Oil prices jump as Trump's Iran claims raise doubts
-
In world first, antimatter taken on test drive at CERN
-
New Chile president withdraws support for Bachelet UN chief bid
-
Mammals cannot be cloned infinitely, mice study discovers
-
600-year-old pinot noir grape found in medieval French toilet
-
NASA to build $20 bn moon base, pause orbital lunar station plans
-
Czech 'arks' help preserve Ukraine's cultural heritage
-
Shiffrin closes on World Cup overall title with slalom win
-
Griezmann to leave Atletico for Orlando at end of season
-
New Nice mayor poses a 'real problem' for 2030 Winter Olympics
-
Afghanistan announces release of detained US citizen
-
Meta awaits verdict in New Mexico child safety trial
-
Pinheiro Braathen wins World Cup giant slalom title after Odermatt crashes
-
Aid flotilla arrives in Cuba as US oil blockade bites
-
Residents recount guilt, chaos in hearing on deadly Hong Kong fire
-
Oil prices jump, stocks slip as Trump's Iran claims raise doubts
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
Q.Bulbul--SF-PST
